Need help: fwd on ipfw
freebsduser at comcast.net
Mon Oct 3 22:38:48 PDT 2005
----- Original Message -----
From: "Foo Ji-Haw" <jhfoo at nexlabs.com>
To: "K Anderson" <freebsduser at comcast.net>; <freebsd-questions at freebsd.org>
Sent: Monday, October 03, 2005 10:16 PM
Subject: Re: Need help: fwd on ipfw
> Hello Mr Anderson,
> So, the story is that the newer versions of 5.x comes with forwarding
> disabled, hence the inability to to ipfw add fwd?
> Ok, will definately give it a try. Thanks for being a better Googler than
I don't recall if the default kernel has it compiled in, most likely not.
You can check the generic kernel configuration file.
> ----- Original Message -----
> From: "K Anderson" <freebsduser at comcast.net>
> To: "Foo Ji-Haw" <jhfoo at nexlabs.com>; <freebsd-questions at freebsd.org>
> Sent: Tuesday, October 04, 2005 12:59 PM
> Subject: Re: Need help: fwd on ipfw
>> ----- Original Message -----
>> From: "Foo Ji-Haw" <jhfoo at nexlabs.com>
>> To: <freebsd-questions at freebsd.org>
>> Sent: Monday, October 03, 2005 9:20 PM
>> Subject: Need help: fwd on ipfw
>> Hi all, I really need your help on this if you can...
>> I am trying to put set up port forwarding on my machine. So far the usual
>> 'add allow' and 'add deny' rules work perfectly. The most important rule
>> which bugs me is the 'add fwd' rule, which the snippet below shows:
>> ipfw add fwd 192.168.0.4,80 tcp from 10.10.10.0 to any 80
>> When I try to enter this on the command line, I get the following error:
>> ipfw: getsockopt(IP_FW_ADD): Invalid Argument
>> I tried researching the web. Some mention the error only upon recompiling
>> kernels. But I am using the standard 5.4 product release as-is. My
>> rules in rc.conf are as follows:
>> I also have this line in dmesg:
>> ipfw2 initialized, divert disabled, rule-based forwarding disabled,
>> to deny, logging disabled
>> I see that 'rule-based forwarding' is disabled. Is this what caused the
>> error? How can I enable it? I can't find the details on the Handbook.
>> I did a google search on your message and found something. Here's a snip
>> options IPFIREWALL
>> options IPFIREWALL_DEFAULT_TO_ACCEPT
>> options IPFIREWALL_VERBOSE
>> options IPFIREWALL_FORWARD
>> if you don't add them to your kernel, forwarding in ipfw will be
>> Here's the URL.
>> Hope that helps.
>> ~Mr. Anderson
>> freebsd-questions at freebsd.org mailing list
>> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions